shelf-jwt-sessions
v0.1.1
A simple tool for defining user session model classes in redis using shelf and jwt
shelf-sessions
Define user session model classes with ttl in redis using jwt and shelf.
Introduction
For when you need to store volatile user sessions, with all that useful info you need, but don't want to go through the pain of creating special cron jobs to clear them. Creating new sessions should be easy and authenticating requests should be fast, so, here you go, jwt + redis, perfect combo!
Shelf sessions uses joi for schema validation and node-jsonwebtoken lib for issuing tokens and validating them.
Example
const ShelfSessions = require('shelf-jwt-sessions')
const Crypto = require('crypto')
const Joi = require('joi')

// 128 random bytes used as the secret that signs the tokens
const secret = Crypto.randomBytes(128)

let MyShelf = ShelfSessions('test', secret, {
  algorithm: 'HS256',
  subject: 'yolo',
  issuer: 'me'
})

// Extend the default session schema with a userAgent property
let MyModel = MyShelf.extend({
  name: 'basic-user',
  props: {
    userAgent: Joi.string()
  }
})

// Create a session, then authenticate with the jwt it was issued
MyModel.createSession({
  userId: 'me',
  scopes: ['default'],
  userAgent: 'stuff from the header'
}, (err, result) => {
  if (err) throw err
  MyModel.authenticate(result.jwt, console.log)
})
API
ShelfSessions(name, secretOrPrivateKey, [options])
Initiate a ShelfSessions instance.
name: the name used to instantiate Shelf.
secretOrPrivateKey: secret/private key used to sign the JWTs, as described by the node-jsonwebtoken library. It must be a string or a buffer.
[options]: series of optional parameters used by node-jsonwebtoken and Shelf:
  [algorithm]: algorithm used to sign the jwt
  [audience]: audience claim
  [subject]: subject claim
  [issuer]: issuer claim
  [headers]: additional headers as specified by node-jsonwebtoken
  [ttl]: sessions ttl in seconds. Defaults to 72 hours
  [shelf]: an already inited shelf instance (will override connection options to instantiate Shelf)
  [host]: redis host used by Shelf
  [port]: redis port used by Shelf
  [password]: redis password used by Shelf
  [defaultProps]: an optional json object whose keys should be Joi objects. This is used to extend the default session schema and is applied on all the .extend() calls. The default schema will be:

    {
      jwt: Joi.string().required(),
      userId: Joi.string().required(),
      scopes: Joi.array().min(1).required()
    }

  You can extend the schema at will, but these three keys must always exist.
.extend(model)
Generate a SessionModel schema similar to what you would do with a regular Shelf instance. The provided schema will then be used to operate on the specified models.
model: a model similar to what you would use in Shelf.extend(model)
  name: a mandatory name for the schema.
  [props]: an optional json object whose keys should be Joi objects, used to extend the base user model according to the defaultProps.
Note: no keys array is provided to act as Redis key, as it will always be the jwt.
SessionModel
The result of the .extend() call. It lets you perform operations based on the schemas and options previously provided.
.deleteSession(token, callback)
Delete the sessions associated with the token. The callback will be called with an error in case of failure.
token: jwt token
callback: a callback function
.createSession(session, callback)
Creates a session based on the given session object. The callback will be called as callback(error, resultSession); if successful, the provided resultSession will be a Shelf Model with all the normal operations associated with it.
session: a session json object
callback: a callback function
.authenticate(token, callback)
Given a jwt, this method verifies it and returns the corresponding session Shelf Model stored in Redis. The callback will be called as callback(error, resultSession).
token: jwt token
callback: a callback function
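The pattern the API above describes (the jwt is the storage key, authenticate verifies the token and then loads the stored session, deleteSession removes it) as an added sketch; it is not the library's own code. Assumptions: a Map with expiry times stands in for Redis, HS256 is done with Node's crypto in place of node-jsonwebtoken, and createStore and its synchronous methods are hypothetical names.

```javascript
// Added sketch, not shelf-jwt-sessions code: a Map stands in for Redis and
// HS256 is computed with Node's crypto instead of node-jsonwebtoken.
const crypto = require('crypto')

const b64url = (data) => Buffer.from(data).toString('base64url')
const hmac = (secret, data) => crypto.createHmac('sha256', secret).update(data).digest()

function createStore (secret, ttlSeconds, now = () => Date.now()) {
  const sessions = new Map() // jwt -> { session, expiresAt }; the jwt is the key

  function createSession (session) {
    const iat = Math.floor(now() / 1000)
    const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }))
    const payload = b64url(JSON.stringify({ sub: session.userId, iat, jti: crypto.randomUUID() }))
    const jwt = `${header}.${payload}.${b64url(hmac(secret, `${header}.${payload}`))}`
    sessions.set(jwt, { session: { ...session, jwt }, expiresAt: now() + ttlSeconds * 1000 })
    return jwt
  }

  function authenticate (jwt) {
    const parts = String(jwt).split('.')
    if (parts.length !== 3) return null
    const [header, payload, sig] = parts
    // Pin the algorithm: never let the token's own header choose it.
    let alg
    try {
      alg = JSON.parse(Buffer.from(header, 'base64url').toString()).alg
    } catch (e) { return null }
    if (alg !== 'HS256') return null
    const expected = hmac(secret, `${header}.${payload}`)
    const given = Buffer.from(sig, 'base64url')
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null
    // A valid signature is not enough: the session must still exist server-side.
    const entry = sessions.get(jwt)
    if (!entry) return null
    if (entry.expiresAt <= now()) { sessions.delete(jwt); return null }
    return entry.session
  }

  const deleteSession = (jwt) => sessions.delete(jwt)
  return { createSession, authenticate, deleteSession }
}
```

Because the session lookup is part of authentication, deleting a session or letting its ttl lapse invalidates a token whose signature is still correct.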
Contributing
We use standard js.
In order to run the tests you should have a Redis instance running locally.
License
MIT